Introduction

The point of this HOW-TO is to explain how to setup a dial-in PPP server with dial back support. The reason for this how-to is that at the time of writing, the linux pppd only supports the CBCP client protocol. This led to hours of frustraion for me to do something as simple as call back and I am sure that this will help someone else.

Goals

My goals for this project was to setup a PPP dial-in / dial-back server authing off a Microsoft Active Directory Server. The server would have to support MPPE (encryption) and optionally support MPPC. (compression) All access would be controlled from the Active Directory server.

Hardware Requirements

You should have a modem or modems. I used the Eicon Diva Server PRI card which can support 30 simultaneous calls.

Software Requirements

You should have a Linux system and you should be familiar with kernel installation.

If you want to auth via Active Directory, you will need to install the Microsoft Internet Authentication Service.

A patched kernel with the MPPE/MPPC module if this is a requirement.

A patched pppd that support CBCP server.

mgetty to answer incoming calls.

Configure your kernel

Get the latest source

Make sure you have recent kernel (version numbers are reflecting latest version at the time of this writing, and will likely differ as time goes by):

Patch the kernel

You have to get the patch and apply it to your kernel sources. Download it from here. Make sure you match the patch version with you kernel version. (Note that use of this software in the US may violate patent law. See here)

Note: The patch for kernel 2.6.13 applies to 2.6.14 without errors. Linux 2.6.15 by has MPPE included by default. MPPC is however not part of it. You can still get MPPC to work by removing the MPPE patch that was integrated into 2.6.15 and then applying the MPPC/MPPE patch. (Suggestion from here.)

Configure your kernel

I always compile these things as modules, don't know if they work otherwise. These are the recommendations from the pptpclient project, your connection will not need all of them, but for maximum flexibility/compatibility you should select all of these:

cd /usr/src/linuxmake menuconfig

If a module has a --- instead of the selection box, another module required it, so it is already selected.

Get the tools

Necessary packages

You will need the following packages:

net-dialup/mgettynet-dialup/ppp

Unfortunately you will need to use a patched ppp which is not part of portage.

Configuring portage

You will have to install or recompile ppp with the mppe-mppc dhcp radius eap-tls USE flag. If you don't need any of the features mentioned, don't include them in your flags. Portage gives you several options for that:

You can edit /etc/make.conf and enable mppe-mppc dhcp radius eap-tls system-wide, by adding it to your USE variable:

File: /etc/make.conf

USE="mppe-mppc dhcp radius eap-tls"

Alternatively, you can edit /etc/portage/package.use and enable the mppe-mppc USE flag to the ppp package only: